/**
 * Package Name:com.mango.session
 * Date:2016年5月26日下午7:13:24
 * Copyright (c) 2016, www.chaincar.com All Rights Reserved.
 */

package com.platform.server.util;


import com.platform.server.interceptor.Access;
import org.apache.commons.lang.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.util.Assert;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import java.security.KeyPair;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;

/**
 * ClassName:SessionUtils <br/>
 * Function: Session工具类. <br/>
 * Date:     2017年7月7日16:17:12 <br/>
 * @author   lensong
 * @version  
 * @see 	 
 */
public class SessionUtils {
	private static Logger logger = LoggerFactory.getLogger(SessionUtils.class);


	public static final String USER_ID = "_user_id";
	public static final String USER_NAME = "_user_name";
	public static final String USER_ACCOUNT = "_user_account";
	public static final String USER_TYPE = "_user_type";
	public static final String TOKEN_KEY = "kxxbappaccesstoken";
	public static final String TOKEN_EXPIRED = "_token_expired";
	private static final String PRIVATE_KEY_ATTRIBUTE_NAME = "_user_privateKey";
	
	/**
	 * 设置基本缓存数据
	 * @author haibingwang
	 */
	public static void setSessionData(HttpServletRequest request, Integer user_id,
                                      String user_name, String user_account){
		if(request==null){
			return;
		}

		HttpSession session = request.getSession();
        session.setAttribute(USER_ID, user_id);
        session.setAttribute(USER_NAME, user_name);
        session.setAttribute(USER_ACCOUNT,user_account);
	}
	
	public static void setSessionData(HttpServletRequest request, String key, String value){
		if(request==null){
			return;
		}
		HttpSession session = request.getSession();
        session.setAttribute(key, value);
		logger.info(session.getAttribute(key)+"");
	}
	
	public static void setSessionData4API(HttpServletRequest request, Integer user_id,
                                          String user_name, String user_account,String token, String token_expired){
		setSessionData(request,user_id,user_name,user_account);
		setSessionData(request,TOKEN_KEY,token);
		setSessionData(request,TOKEN_EXPIRED,token_expired);
	}
	
	public static void logout(HttpServletRequest request){
		if(request == null){
			return;
		}
		
		HttpSession session = request.getSession(false);
        if (session == null) {
            return;
        }
        
        session.removeAttribute(USER_ID);
        session.removeAttribute(USER_NAME);
        session.removeAttribute(USER_ACCOUNT);
        session.invalidate();
	}
	
	public static Object getSessionData(HttpServletRequest request, String key){
		if(request == null){
			return null;
		}
		return request.getSession().getAttribute(key);
	}
	
	public static Integer getUserId(HttpServletRequest request){
		return (Integer) getSessionData(request, USER_ID);
	}
	
	public static String getUserName(HttpServletRequest request){
		return (String)getSessionData(request, USER_NAME);
	}
	
	public static String getUserAccount(HttpServletRequest request){
		return (String)getSessionData(request, USER_ACCOUNT);
	}
	
	public static boolean isLogin(HttpServletRequest request){
		return getUserId(request)!=null;
	}
	
	/*public static RSAPublicKey generateKey(HttpServletRequest request) {
		Assert.notNull(request);
		KeyPair keyPair = RSAUtils.generateKeyPair();
		RSAPublicKey publicKey = (RSAPublicKey)keyPair.getPublic();
		RSAPrivateKey privateKey = (RSAPrivateKey) keyPair.getPrivate();
		HttpSession session = request.getSession();
		session.setAttribute(PRIVATE_KEY_ATTRIBUTE_NAME, privateKey);
		return publicKey;
	}*/

	public static void removePrivateKey(HttpServletRequest request) {
		Assert.notNull(request);
		HttpSession session = request.getSession();
		session.removeAttribute(PRIVATE_KEY_ATTRIBUTE_NAME);
	}

	/*public static String decryptParameter(String name, HttpServletRequest request) {
		Assert.notNull(request);
		if (name != null) {
			HttpSession session = request.getSession();
			RSAPrivateKey privateKey = (RSAPrivateKey) session.getAttribute(PRIVATE_KEY_ATTRIBUTE_NAME);
			String parameter = request.getParameter(name);
			if (privateKey != null && StringUtils.isNotEmpty(parameter)) {
				return RSAUtils.decrypt(privateKey, parameter);
			}
		}
		return null;
	}*/

	public static String generateFormToken(String token_key ,HttpServletRequest request) {
		Assert.notNull(request);
		HttpSession session = request.getSession();
		String token = "_form_" + MD5Util.MD5(session.getId() + System.currentTimeMillis());
		session.setAttribute(token_key,token);
		return token;
	}
	
	public static boolean checkFormToken(String token_key,HttpServletRequest request){
		Assert.notNull(request);
		if(StringUtils.isNotBlank(token_key)){	// 先从请求参数中获取token的key
    		String submit_token_value_request = (String)request.getParameter(token_key);
    		String submit_token_value_session = (String)request.getSession().getAttribute(token_key);
    		
    		if(StringUtils.isNotBlank(submit_token_value_session) && submit_token_value_session.equals(submit_token_value_request)){
    			request.getSession().removeAttribute(token_key);
    			return true;
    		}
		}
		return false;
	}
}

